Distributors

The U.S. government is keeping a wary eye on what it says is hacking collective Anonymous' growing interest in attacking critical infrastructure targets.

A DHS bulletin posted this week assesses the ability of the collective to inflict damage on industrial control systems that manage equipment at power plants, water treatment facilities, chemical plants and other potential targets.

The report downplays the near-term threat posed by Anonymous to such targets, but adds that experienced and skilled members of the group could "develop capabilities to gain access and trespass on control system networks very quickly."

The report says that Anonymous recently called on members to target energy companies. DHS said the call is likely to attract both members of the collective and the broader activist hacking community.

"Asset owners and operators of critical infrastructure control systems are encouraged to engage in addressing the security needs of their control system assets," the DHS said.

The bulletin was posted on Monday on publicintelligence.net, which describes itself as "an international, collaborative research project aimed at aggregating the collective work of independent researchers around the globe who wish to defend the public's right to access information."

The DHS National Cybersecurity and Communications Integration Center (NCCIC) bulletin is not classified, but is marked for official use only. It is addressed broadly to stakeholders within the cybersecurity and critical infrastructure communities.

In the report, the DHS cites several recent actions that point toward a growing interest by Anonymous in industrial control systems.

In July, it notes, Anonymous members released a report spelling out the collective's concerns about global warming and called for protests against the Alberta Tar Sands project in Montana.

The Anonymous report aimed to draw attention to what the group claimed was "boundless greed" of several energy and financial services companies.

In July, a known member of Anonymous also publicly claimed to have accessed multiple control systems.

"The posted xml and html code reveals that the individual understands the content of the code in relation to common hacking techniques to obtain elevated privileges," the DHS said. "It does not indicate knowledge of ICS; rather, it indicates that the individual has interest in the application software used in control systems."

The Anonymous post included administrative code used to create password dump files for a human-machine interface system from Siemens, and so-called "foundation code" that is used in server communication with programmable logic controllers, industrial controllers and remote terminal units, the DHS bulletin said,

The publicly posted code "indicates that the individual was able to recognize and post the portions of code that would ensure others knowledgeable in control systems would take notice," the DHS said.

The report notes that Anonymous has the ability to disrupt some systems within the critical infrastructure -- such as Windows systems and Web applications -- by using "rudimentary attack methods" such as denial of service attacks.

"Anonymous' increased interest may indicate intent to develop an offensive ICS capability in the future," it said.

The DHS assessment comes amid increasing concern about vulnerabilities in U.S. critical infrastructure. Last year's Stuxnet worm in particular drew massive attention to the possibility that cyberattacks could disrupt or take down critical infrastructure targets.

The DHS in recent months issued several similar alerts about the activities of Anonymous, which indicates that the loosely affiliated collection of so-called hactivists is seen as a serious threat.

Slideshows

Google and Microsoft tackle triple value play at Synnex Alliance 2018

This Synnex Alliance roadshow, in association with Google and Microsoft, started with the end-user and worked back to define the notion of value, outlining the lucrative partner opportunities ahead in 2018.

Changing names: the top company rebrands hitting the channel

The past year has seen a flurry of acquisitions, sales, consolidations and business transformations in the local tech sector; ARN takes a look at the company name changes and rebrands across the Australian channel that have resulted from all this activity.

Upcoming tech talent share insights at Emerging Leaders 2018

The channel came together for the third running of the ARN Emerging Leaders Forum in Australia, created to provide a program that identifies, educates and showcases the upcoming talent of the ICT industry.

Copyright 2018 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.